Routing Differnet Subnets over 2 x WAN Links

Unanswered Question
Nov 13th, 2009


Just wondered if anyone can assist with this as it's a urgent request from our customer.

Basically, we have a site with 2 x 34mb WAN links. The links work as traditional Primary / Backup so all traffic (e.g. is routed in/out of the Primary link under normal operation. Should the Primary fail them all traffic routes over the Backup link.

Over the last few weeks Primary 34mb circuit has become overloaded so the customer has asked us to route just the IPT subnets over the backup link.

We use EIGRP on the LAN side and redistribute into BGP on the WAN side.

So, now the customer wants us to route juts the IPT subnet in/out over the Backup link while all traffic continues to use the Primary cirucit . But should the Backup link fail we would need the IPT subnet to route back via the Primary link. Hope that makes sense.

Does anyone know the best way to achieve this.?

We use the following commands under EIGRP / BGP to route all traffic in/out over the Primary link. I've changed the ip addresses but hopefully you get the drift.

Thanks for any help in advance.


interface GigabitEthernet0

bandwidth 34000


interface GigabitEthernet0.16

description WAN Primary

ip address

router eigrp 8001


no auto-summary

timers active-time 10

redistribute bgp 49 route-map bgp-eigrp


router bgp 49

redistribute eigrp 8001 route-map eigrp-bgp

neighbor x.x.x.x remote-as 6xxx

neighbor x.x.x.x default-originate

neighbor x.x.x.x route-map set-localpref-pri in

neighbor x.x.x.x route-map set-med-pri out

maximum-paths 2

no auto-summary

route-map bgp-eigrp deny 10

description block any prev bgp-eigrp redistr routes

match tag 999


route-map bgp-eigrp permit 30

description set eigrp metric and set tag

set metric 34000 100 255 1 1500

set tag 999


route-map eigrp-bgp deny 10

description block any prev bgp-eigrp redistr routes

match tag 999


route-map eigrp-bgp permit 20

description permit all other routes learned via EIGRP

set metric 100


route-map set-med-pri permit 10

description set bgp med to influence inbound routing. Lower is better

set metric 100


route-map set-locafpref-pri permit 10

description set bgp local pref to influence outbound routing. higher is better

set local-preference 150

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Fri, 11/13/2009 - 05:07


For outbound traffic PBR (Policy Based routing) is the answer. You could also tie this in with IP SLA tracking to check if the next-hop is up and if not fall back to the primary link.

Are you familiar with PBR and tracking ?

For return traffic if you want it to use the backup link then you can use MED within BGP to influence which path inbound traffic takes.



john.pepper Fri, 11/13/2009 - 05:32

Hi Jon,

Yes, we've done a bit of PBR and tracking but only for VPN.

Are you able to shed a bit more light.?

Many thanks for your help.



Jon Marshall Fri, 11/13/2009 - 05:46


Apologies for the lack of detail, i'm on a bit of a tight schedule this afternoon so i'll have to be brief :-)

This link provides an example of using PBR with the "set ip next-hop verify-availability" which allows you to check if the next hop is up before using PBR. If it isn't up then the normal routing table will be used ie. the primary link in your case -

As for MED, you advertise the same subnet(s) out of both links but you add a weighting so that the backup link is preferred for your IPT subnet(s). If the link goes down then because the primary link is also advertising out the subnet traffic just comes in on the primary link. MED can be applied per IP address/subnet so it will only affect the IPT traffic.

Hope that's enough for you to be going on with. I'll check back later today.


john.pepper Fri, 11/13/2009 - 08:37

Cheers Jon. I'll have a look and get back to you on Monday.

Thanks again.


Paolo Bevilacqua Fri, 11/13/2009 - 08:40

Why don't you load share on these links ?

You will have the best resource utilization and backup protection without none of the added complications of PBR.

john.pepper Fri, 11/13/2009 - 09:45

We were looking into this as well using GLBP. Do you some experience of this as it's not something we've doen before.?



Paolo Bevilacqua Fri, 11/13/2009 - 09:50

There is absolutely nothing special about it, just simple routing. Any decently certified technician should be able to do that.

For the details, a complete diagram would need to be seen.


This Discussion